Thanks. I had forgotten that encrypting data tends to "randomize" it and so 
it wouldn't compress very well. What I was thinking was of was GitHub's 
private repositories perhaps containing company proprietary software. It 
might be attractive to a startup which recruits non-local talent and does 
its work via the Internet rather than in an office building. In that case, 
my paranoia would kick in about the possibility of GitHub being "hacked" 
and my source stolen or compromised. I guess in this case, it would be wise 
for the startup to run a GitHub Enterprise virtual server on its own 
equipment. Or, like I do, have a "git" subdirectory on a machine which 
contains the various repositories and is accessible only via SSH. I.e. keep 
it "in house" with external developers having an SSH connection to the "git 

Thanks for the feedback.

On Tuesday, December 11, 2012 1:44:36 PM UTC-6, John McKown wrote:
> I haven't seen anything like this in anything I've read so far. And I know 
> that git is all about freely sharing. But is there some way to have git 
> keep the repository files encrypted. I know that the files in the .git 
> subdirectory are compressed. It seems to me that it should be relatively 
> simple to have the "git add" do an encrypt step just before the compress 
> step in its processing. You could have a git config core.encrypt and git 
> config cone.encrypt.key variable. The core.encrypt would be TRUE or FALSE. 
> If the value is TRUE, then you could set the core.encrypt.key variable or 
> you could have git ask for the password interactively. Or maybe I just 
> really want it to occur when I do a "git push".
> Yes, I'm a bit of a security nut. And, yes, I know I could gpg encrypt the 
> file before doing the git add. Or I guess that I could even make my own 
> git-encrypt-add script to do it via a "git encrypt-add" operation. Hum.
> Your thoughts are appreciated.


Reply via email to